The Better Business Bureau is warning businesses and consumers of a new computer threat that steals information, encrypts the data, and then charges $300 in ransom for recovery of the files.
The ransomware is called CryptoLocker, and is the latest attempt by scammers to hold consumer’s and businesses’ computer information hostage in order to make a quick buck.
The Better Business Bureau first reported on a similar computer attack in July involving scammers pretending to be Microsoft technicians locking users out of their computers and demanding payment for access.
The BBB continues to receive calls of this nature, but CryptoLocker is more threatening than prior reported ransomware due to its excessive measures.
Here’s how it works: the program disguises itself as a legitimate email attachment in a .zip file format. Inside that .zip file will be a double extension file such as .pdf.exe.
The problem is you may never see that double extension, as Windows’ default settings may hide that extension and just display the icon for a PDF file.
Multiple victims have reported the email appears as a shipping notice from the U.S. Postal Service or FedEx. This email may appear to be from other legitimate organizations such as Amazon or other online vendors. When opened, it encrypts files stored on local and mounted network drives. The key needed to unlock the encrypted files is then stored on the malware’s servers.
A message displays on the monitor offering to decrypt the data for $300 with a deadline of 72-100 hours. If the user does not pay the fee the private key will be deleted and the files will be lost forever.
Payment of the ransom allows the user to download the decryption program, which is pre-loaded with the user’s private key.
One of the biggest threats with CryptoLocker is that, while the program itself is readily removed, the files remain encrypted in a way that several experts consider infeasible to break, the BBB said.
To this point there is no solution to recovering these files without paying the ransom. Another big concern is the loss of any banking information stored on the computer. The risk of identity theft can carry a much higher price tag and be a much bigger concern than the encrypted files.
“Be very, very mindful of what emails you are opening. If you feel an email seems odd or out of place consider contacting the sender by another method to confirm the email is legitimate,” said Julie Wheeler, president of CEO of BBB Serving Western VA. “Another key is backing up your files in a safe and secure place. Regular backup will ensure that files can never be completely lost because of threats like CryptoLocker.”
It is important that businesses and consumers contact their anti-virus software providers to determine if they have protection against this ransomware and others like it, the BBB said.
Here are tips to avoid being a victim of ransomware and other computer threats:
• Regular backups of files are the only way to prevent the complete loss of files to programs like CryptoLocker.
• Never open an email attachment that seems random, odd, or suspicious.
• Do not open double extension files sent via email attachments.
• Carefully consider operating in the cloud to keep files encrypted and out of the reach of such attacks. Constant backup is still advised while using the cloud for storage.
• Install a firewall and anti-virus program to protect your computer and personal information. Update these programs frequently. While it may not detect all ransomware, it should stop many threats.
• Update your operating system and web browser software regularly.
• Protect your passwords by keeping them in a safe place. Create different passwords for each online account that you have.
• Never give personal or financial information to unsolicited callers.
• Contact your service provider directly if you are concerned you may be exposed to viruses or other security threats.
• Find a computer repair company you can trust.